From e00d5b6bbf38a9d95164c07b82f615d439f2bd6a Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Fri, 29 Nov 2019 06:04:47 +0100 Subject: gnu: xinetd: Update to 2.3.15.4 [fix build]. * gnu/packages/web.scm (xinetd): Update to 2.3.15.4. [source]: Switch to openSUSE (and Debian) maintenance fork. Remove obsolete patches. [native-inputs]: Add automake, autoconf, libtool, and pkg-config. [home-page]: Update. * gnu/packages/patches/xinetd-CVE-2013-4342.patch, gnu/packages/patches/xinetd-fix-fd-leak.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/packages/patches/xinetd-CVE-2013-4342.patch | 36 ------------------------- 1 file changed, 36 deletions(-) delete mode 100644 gnu/packages/patches/xinetd-CVE-2013-4342.patch (limited to 'gnu/packages/patches/xinetd-CVE-2013-4342.patch') diff --git a/gnu/packages/patches/xinetd-CVE-2013-4342.patch b/gnu/packages/patches/xinetd-CVE-2013-4342.patch deleted file mode 100644 index ad57bc7b0e..0000000000 --- a/gnu/packages/patches/xinetd-CVE-2013-4342.patch +++ /dev/null @@ -1,36 +0,0 @@ -Fix CVE-2013-4342: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4342 -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324678 - -Patch copied from upstream source repository: - -https://github.com/xinetd-org/xinetd/commit/91e2401a219121eae15244a6b25d2e79c1af5864 - -From 91e2401a219121eae15244a6b25d2e79c1af5864 Mon Sep 17 00:00:00 2001 -From: Thomas Swan -Date: Wed, 2 Oct 2013 23:17:17 -0500 -Subject: [PATCH] CVE-2013-4342: xinetd: ignores user and group directives for - TCPMUX services - -Originally reported to Debian in 2005 and rediscovered , xinetd would execute TCPMUX services without dropping privilege to match the service configuration allowing the service to run with same privilege as the xinetd process (root). ---- - xinetd/builtins.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/xinetd/builtins.c b/xinetd/builtins.c -index 3b85579..34a5bac 100644 ---- a/xinetd/builtins.c -+++ b/xinetd/builtins.c -@@ -617,7 +617,7 @@ static void tcpmux_handler( const struct server *serp ) - if( SC_IS_INTERNAL( scp ) ) { - SC_INTERNAL(scp, nserp); - } else { -- exec_server(nserp); -+ child_process(nserp); - } - } - --- -2.7.4 - -- cgit v1.2.3